Security risk management system, server, control method, and non-transitory computer-readable medium

a security risk management system and control method technology, applied in the field of security risk management systems, can solve problems such as security risks in terminals used by companies, and achieve the effect of reducing the time needed

Inactive Publication Date: 2021-06-03
NEC CORP
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

This approach allows security administrators to take immediate countermeasures upon vulnerability information release, reducing the time needed to respond to security threats while maintaining the secrecy of the information until its intended release.

Problems solved by technology

Terminals used by companies are subject to security risks including vulnerabilities in hardware or software.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security risk management system, server, control method, and non-transitory computer-readable medium
  • Security risk management system, server, control method, and non-transitory computer-readable medium
  • Security risk management system, server, control method, and non-transitory computer-readable medium

Examples

Experimental program
Comparison scheme
Effect test

first embodiment

(1-2) Operation of First Embodiment

[0064]The operation of the security system according to the first embodiment is described hereinafter in detail.

[0065](1-2-1) First, the operation of the vulnerability information distribution system 210 that receives vulnerability information from the vulnerability information transmission system 110, creates vulnerability information data and transmits it to the server 310 is described with reference to FIG. 4.

[0066]Referring to FIG. 4, in the vulnerability information distribution system 210, the vulnerability information receiving unit 211 receives vulnerability information transmitted from the vulnerability information transmission system 110 (S101). The vulnerability information contains information about an overview of vulnerabilities, information about a method for investigation, information about a method for countermeasures, and information about a release date and time. The vulnerability information receiving unit 211 transmits the recei...

second embodiment

(2) Second Embodiment

[0095]A second embodiment corresponds to one embodiment where the dominant conception of the above-described first embodiment is extracted. FIG. 14 shows a block configuration example of a security risk management system 305 according to the second embodiment.

[0096]Referring to FIG. 14, the security risk management system 305 according to the second embodiment includes a server 310 and an agent unit 320, just like in the first embodiment. The agent unit 320 corresponds to the terminal 330 whose vulnerabilities are to be managed (see FIG. 1), and it is installed into the corresponding terminal 330. Although FIG. 14 shows an example in which one agent unit 320 corresponding to one terminal 330 is placed, if there are a plurality of terminals 330, a plurality of agent units 320 respectively corresponding to the plurality of terminals 330 are placed.

[0097]The server 310 includes a communication unit 3101 and a presentation unit 3102. The communication unit 3101 corr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A security risk management system (305) of the present disclosure includes a server (310) and an agent unit (320) included in a terminal. The server (310) transmits vulnerability information to the agent unit (320) before the release date and time of the vulnerability information. The agent unit (320) investigates the presence or absence of vulnerabilities in the terminal based on information regarding a method for vulnerability investigation contained in the vulnerability information, and transmits vulnerability investigation results containing the investigation results to the server (310) before the release date and time of the vulnerability information. The server (310) presents the vulnerability information and the vulnerability investigation results on or after the release date and time of the vulnerability information.

Description

CROSS REFERENCE TO RELATED APPLICATIONS[0001]This application is a Continuation of U.S. application Ser. No. 16 / 084,687 filed on Sep. 13, 2018, which is a National Stage of International Application No. PCT / JP2017 / 011586 filed Mar. 23, 2017, claiming priority based on Japanese Patent Application No. 2016-061774 filed Mar. 25, 2016, the disclosure of which is incorporated herein in their entirety by reference.TECHNICAL FIELD[0002]The present disclosure relates to a security risk management system, a server, a control method, and a non-transitory computer-readable medium.BACKGROUND ART[0003]Terminals used by companies are subject to security risks including vulnerabilities in hardware or software. This raises a need for companies to manage the vulnerabilities of terminals in the companies. In recent years, a security risk management system that supports the management of vulnerabilities has been proposed (e.g., Patent Literature 1).CITATION LISTPatent Literature[0004]Patent Literature...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & AuthorityApplications(United States)
IPC IPC(8): G06F21/57G06F21/55G06Q10/06
CPCG06F21/577G06F2221/034G06Q10/0635G06F21/552
InventorUSUBA, TOSHIMITSU
OwnerNEC CORP